ZigBee IEEE 802.15.4 - PowerPoint PPT Presentation

About This Presentation
Title:

ZigBee IEEE 802.15.4

Description:

Ethical Hacking, Managed Security Services, Application Security, Network Security, Security Testing, Enterprise Security, Security for IoT, SCADA Security, Digital Forensics – PowerPoint PPT presentation

Number of Views:69

less

Transcript and Presenter's Notes

Title: ZigBee IEEE 802.15.4


1
  • ZigBee IEEE 802.15.4 
  • What it is
  • a high-level communication protocol for WSNs and
    WPANs
  • a M2M Area Network Technology for WLANs.
  • Attributes
  • Low power consumption, low-cost, low bitrate
  • mesh networking standard supports 10-1000 meter
    range
  • highly reliable
  • stable against node failover
  • global standards for interoperability
  • Applications
  • Home Automation, Building Automation, Smart
    Energy, Health and Fitness, 3D gaming,
    Telecommunications, Retail, Industrial Control.

2
  • Security Architecture

Access Control Frame address validation MAC Layer Frame Integrity, Trust Center Architecture for Secure Network Admittance.
Authentication and Data Confidentiality Symmetric Key Encryption for Frames Confidentiality AES-CTR Authentication AES-CBC-MAC with 32,-64,128bit MAC Confidentiality Authentication AES -CCM with 32-,64-,128 bit MAC Supports PKI.
Frame Integrity Protection against tampering for data in transit MIC 32/64/128 bits based on AES-CBC-MAC
Sequential Freshness Prevention of Replay Attacks 4-Byte Frame Counter
  • Common security concerns
  • Long battery life of at least 2 years is a must
    to pass ZigBee certification. So
    resource-intensive security measures are avoided
    to keep power consumption low and limited.
  • Interoperability among ZigBee profiles might
    force security slackening.
  • ZigBee-based devices are essentially low-cost,
    thus lacking protection from physical attacks
    using serial interfaces such as GoodFet and
    BusPirate.

3
Golden Rules for Security in the Residential Mode
  • Building blocks of ZigBee security Key
    establishment, key transport, frame protection
    and device management.
  • Key management is all about secure
    initialization, installation, processing and
    storage of Network Keys and Link Keys.
  • End-to-end Data Security Only a source and a
    destination
  • device can decrypt a message using a combination
    of keys.
  • The APS and NWK layers can both independently
    process the secure MAC frames with either
    encryption (confidentiality) or authentication,
    or both.
  • The ZigBee Device Object (ZDO) manages security
    policies and security configuration for devices.

4
In the lab
A real world assessment environment Testing a
smart device model for lighting and temperature
control based on ZigBee Home Automation Profile
  • Development Kits Xbee and Texas Instruments
  • ZigBee Coordinator (ZC/ZTC) Xbee RF
    Module/CC2531 USB Dongle (0x0000)
  • ZigBee End Device (ZED) Xbee RF Module/CC2530
    development board (0x6EC7)

- set up as a monitoring node, fitted with
temperature sensor, LED and LDR for light
sensing/emission and light intensity
measurement.
  • ZigBee Router (ZR) Xbee RF Module/CC2530
    development board (0xCEBC)

5
ZigBee Logical Device Types and Functions
Node Types RFD Reduced Function Device FFD
Full Function Device
  • ZigBee Coordinator (FFD, parent)
  • starts the network, maintains neighbor and
    router lists.
  • acts as Trust Center for secure node joining
    (authenticates new joiner).
  • PAN Coordinator functions for network and
    security management.
  • can update link key and network key
    periodically.
  • transfers application packets.
  • ZigBee Router (FFD)
  • Allows devices to join the network
  • Multi-hop communication
  • ZigBee End Devices (RFD or FFD, child)
  • battery-powered radios with short duty-cycles.
  • sensor nodes for data sampling.
  • can be routed using a ZigBee gateway.
  • transfers application packets.

6
  • ZigBee deployment flaws
  • in Residential Mode
  • Attack Vector
    Analysis
  • Assessing insecure implementation risks

7
1. EAVESDROPPING FOR NETWORK DISCOVERY DEVICE
IDENTIFICATION
Network discovery Sniffing of the Unencrypted
MAC Header to identify configuration, node
addresses, stack profile and PAN IDs from Beacon
Responses sent to end devices by Coordinators and
Routers.
SENSOR NODE
Legitimate Beacon Request Frame (0x07)
Packet Capture
Spoofed Beacon Request Frame
COORDINATOR
Unencrypted Beacon Response Frame PAN ID, source
address, stack profile, stack version, and IEEE
address
EXPLOIT DEVICE
SNIFFED
8
2. REPLAY ATTACK OFFLINE MODE
The Frame Counter in the NWK layer drops replayed
packets. But the MAC layer is vulnerable to
replay of MAC command frames as the layer cannot
process an incoming frame counter.
SENSOR NODE
Legitimate Data Request
CAPTURED
COORDINATOR
Replay of the captured LED ON/OFF packets
excluding ACK frame on the channel. Delay of
1/10th of a second between each frame.
EXPLOIT DEVICE
9
3. DENIAL OF SERVICE (A). PACKET INJECTION IN
REAL-TIME
Effecting short-term unavailability of the
coordinators services for a legitimate device
by causing bandwidth consumption and node energy
draining.
Continuous packet injection to expend bandwidth.
Injecting a spoofed beacon request frame on a
loop with a 1-sec delay
COORDINATOR
EXPLOIT DEVICE
ZC does not respond to legitimate requests from
network nodes.
Node energy drain due to extended wake state
caused by its retransmission loop in anticipation
of response.
10
3. ASSOCIATION FLOOD IN REAL-TIME
Disengaging a legitimate device and preventing
rejoin using a syn flood attack. Some vendors
defend against this using device identity tables
to detect suspicious behavior.
Injecting a forged combination of association
request and data request on a loop with a 1-sec
delay
COORDINATOR
Continuous stream of Association Responses
Association table overflows, expending processing
memory.
EXPLOIT DEVICE
Coordinators Communication with legitimate nodes
is obstructed.
11
4. PAN ID CONFLICT ATTACK
Sabotaging the PAN Coordinators network
management by means of manipulation which is in
essence, the initiation of a persistent conflict
of PAN IDs.
Continuous sniffing of the network to collect
PAN IDs, extended PAN IDs and channel.
Coordinator senses PAN ID Conflict and realigns
network to a new PAN ID for every conflicting PAN
ID replayed.
EXPLOIT DEVICE 1
COORDINATOR
Nodes struggle to keep up with rapid PAN ID
rotation process which is triggered
repetitively. After a few seconds, communication
disintegrates.
Continuous broadcast replay of forged association
responses on the channel impersonating the PAN
Coordinator.
EXPLOIT DEVICE 2
12
OTA key provisioning vs. Pre-configured Keys
Network key is delivered in plaintext to end device - higher susceptibility to key sniffing. Keys are pre-installed by vendor in manufacture - unless keys are updated, knowledge of the default keys of the vendor can be used to make an illegitimate node (of the same vendor) join the network. - physical attacks often attempted.
Key rotation process is supported. Key rotation / revocation is not possible.
All data is initially encrypted with network key until link keys are derived. After device pairing, all data is encrypted with pre-installed link key.
Widely preferred for large scale deployments for ease of set up since employees need not handle activation procedures. Small deployments in home automation are more likely to use this method of key provisioning.
  • Trust Center in the Residential Mode or Standard
    Security Mode maintains only the standard network
    keys.
  • We deem it necessary for deployers to equip the
    TC host with enough resources to maintain a list
    of nodes and network policies to incorporate the
    resilience features of the High Security Mode to
    the extent possible while maintaining the
    low-cost factor.
  • The OTA key provisioning mechanism must be
    bolstered by other security measures to reduce
    key sniffing/reuse
  • vulnerabilities.
  • Optimally leverage the AES-based security
    framework and Trust Center controls to harden the
    network ecosystem.

13
Best Practices
  • Security at the MAC Layer
  • MAC Layer only secures its own frames between
    neighboring nodes (no end-to-end protection as in
    APS layer)
  • ACL-based node admission and Unsecured Mode are
    unreliable.
  • MIC must be used to validate frame check sum and
    message sequence.
  • Node Revival
  • Association/Syn Floods and PAN ID Conflict
    Attacks aim at disengaging nodes and disrupting
  • coordinator responses.
  • Disconnected nodes are not immediately
    discernible.
  • Set Node Join Time parameter to Always.
  • Nonce Reuse
  • Sequential message numbers (nonces) can help
    detect and prevent replay attacks.
  • Nonces must always be distinct although the
    security key is same for two messages.
  • Attackers can spoof messages by copying the same
    nonce used by a previous message.
  • Save nonces in NVRAM so that status is preserved
    after a power failure.
  • Preventing Physical Attacks
  • Debuggers and key sniffers are used to extract
    encryption keys from firmware on any node.
  • Existing key is usually not invalidated once a
    node is removed from the network
  • this eases rogue entry into network.
  • Tamper-proofing nodes and Out-of-band key loading
    via serial ports helps eliminate exposure to
    sniffing.

14
  • About Us Aleph Tav Technologies is a security
    testing service provider founded in the year 2015
    and headquartered in Chennai, India. We strive to
    equip companies with knowledge and actionable
    insights to help them put up a winning fight
    against threats to information security. Our
    vision is to help people and enterprises embrace
    technology whilst being fully aware of the danger
    that it can pose to their credibility and
    business
  • Our services include Ethical Hacking, Managed
    Security Services, Application Security, Network
    Security, Security Testing, Enterprise Security,
    Security for IoT, SCADA Security, Digital
    Forensics
Write a Comment
User Comments (0)
About PowerShow.com